One is strip_tags($string). This attempts to remove all HTML and PHP tags from a string.

Another option is htmlspecialchars($string), which will turn special HTML characters like < and > into &lt; and &gt; (or something like that).

I like to use the second option; that way, if someone wants to write some code as an example, say <img src="pic.jpg">, then it shows up just as the person types it, it's not stripped, and it's not evaluated as HTML.
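
The two functions compared side by side, as an added example that is not part of the original post. The helper name escape_html() and the sample strings are assumptions constructed for illustration; the last lines show why the choice matters when the value lands inside a quoted attribute.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (the name is an assumption): escape text for HTML output.
// ENT_QUOTES also encodes ' and ", which matters inside attribute values;
// before PHP 8.1 the default flags left single quotes unescaped.
function escape_html(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Constructed sample inputs, not taken from any real site.
$samples = [
    'code example from the post' => '<img src="pic.jpg">',
    'text with a comparison'     => 'use this when x <y and y> z',
    'quotes in a name'           => 'Bob "the builder" O\'Neil',
];

foreach ($samples as $label => $input) {
    echo "== $label ==\n";
    echo "input:            $input\n";
    // strip_tags() deletes anything it parses as a tag, so a visitor's
    // example code (or part of an ordinary sentence) can vanish.
    echo "strip_tags:       " . strip_tags($input) . "\n";
    // htmlspecialchars() keeps every character but encodes the ones that
    // are significant in markup, so the browser displays them as text.
    echo "htmlspecialchars: " . escape_html($input) . "\n\n";
}

// Element content and a quoted attribute value both take the escaped form.
$name = $samples['quotes in a name'];
printf("<p>%s</p>\n", escape_html($name));
printf("<input type=\"text\" name=\"author\" value=\"%s\">\n", escape_html($name));

// strip_tags() alone is not enough for an attribute: it leaves quotes
// untouched, so the value can end the attribute early.
printf("<input type=\"text\" name=\"author\" value=\"%s\">\n", strip_tags($name));
```

Run it with the PHP CLI and compare the three output lines per sample; escaping belongs at output time, on every value written into the page.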